Re: [tor-talk] How evil is TLS cert collection?

2011-06-21 Thread tagnaq
-----BEGIN PGP SIGNED MESSAGE----- Hash: SHA512 Mike Perry wrote: 1. User has a private network whose DNS is set to resolve private names to public IP addresses which normally would not have been reachable in the IPv4 scan, and whose TLS certs are also signed by a public trusted root CA. This

Re: [tor-talk] How evil is TLS cert collection?

2011-06-21 Thread Mike Perry
Thus spake Robert Ransom (rransom.8...@gmail.com): On Tue, 21 Jun 2011 11:20:07 -0700 Mike Perry mikepe...@fscked.org wrote: 2. User has private network on RFC 1918 space, yet uses an HTTP proxy to access it (which means we can't tell that it is private IP space). Said user is also

Re: [tor-talk] How evil is TLS cert collection?

2011-06-04 Thread Mike Perry
Thus spake tagnaq (tag...@gmail.com): -----BEGIN PGP SIGNED MESSAGE----- Hash: SHA512 On 03/21/2011 01:58 AM, Mike Perry wrote: I've spent some time working with the EFF recently to build a distributed version of the SSL Observatory (https://www.eff.org/observatory) to be included with

Re: [tor-talk] How evil is TLS cert collection?

2011-06-04 Thread tagnaq
-----BEGIN PGP SIGNED MESSAGE----- Hash: SHA512 On 06/04/2011 12:52 PM, Robert Ransom wrote: My understanding was that EFF would query DNS for a hostname, and if the hostname does not exist, assume that it's private. (This should scare you even more.) Well, if the EFF is able to ask the DNS

Re: [tor-talk] How evil is TLS cert collection?

2011-06-04 Thread Mike Perry
Thus spake Robert Ransom (rransom.8...@gmail.com): On Sat, 4 Jun 2011 12:09:52 -0700 Mike Perry mikepe...@fscked.org wrote: Thus spake Robert Ransom (rransom.8...@gmail.com): My understanding was that EFF would query DNS for a hostname, and if the hostname does not exist, assume

Re: [tor-talk] How evil is TLS cert collection?

2011-06-04 Thread tagnaq
-----BEGIN PGP SIGNED MESSAGE----- Hash: SHA512 On 06/04/2011 09:56 PM, Mike Perry wrote: Thus spake Robert Ransom (rransom.8...@gmail.com): On Sat, 4 Jun 2011 12:09:52 -0700 Mike Perry mikepe...@fscked.org wrote: Thus spake Robert Ransom (rransom.8...@gmail.com): My understanding was

Re: [tor-talk] How evil is TLS cert collection?

2011-06-04 Thread Robert Ransom
On Sat, 4 Jun 2011 12:56:15 -0700 Mike Perry mikepe...@fscked.org wrote: Thus spake Robert Ransom (rransom.8...@gmail.com): On Sat, 4 Jun 2011 12:09:52 -0700 Mike Perry mikepe...@fscked.org wrote: Thus spake Robert Ransom (rransom.8...@gmail.com): My understanding was that EFF

Re: [tor-talk] How evil is TLS cert collection?

2011-06-03 Thread tagnaq
-----BEGIN PGP SIGNED MESSAGE----- Hash: SHA512 On 03/21/2011 01:58 AM, Mike Perry wrote: I've spent some time working with the EFF recently to build a distributed version of the SSL Observatory (https://www.eff.org/observatory) to be included with HTTPS Everywhere. The draft API and design

Re: [tor-talk] How evil is TLS cert collection?

2011-03-25 Thread grarpamp
if EFF was presented with a national security letter or other legal demand under seal demanding the existence of a given certificate not be exposed, would they be bound to not present a MITM alert for that cert? Leaving this for pde and/or Seth. It's a question for our legal team. I'll ask

Re: [tor-talk] How evil is TLS cert collection?

2011-03-21 Thread Mike Perry
Thus spake Robert Ransom (rransom.8...@gmail.com): On Sun, 20 Mar 2011 17:58:06 -0700 Mike Perry mikepe...@fscked.org wrote: However, I'm not sure that this is going to work for Tor Browser Bundle users (which ships with HTTPS Everywhere) who may have the TBB on readonly USB keys or

Re: [tor-talk] How evil is TLS cert collection?

2011-03-21 Thread Mike Perry
Thus spake Robert Ransom (rransom.8...@gmail.com): On Mon, 21 Mar 2011 09:05:30 -0400 Joseph Lorenzo Hall joeh...@gmail.com wrote: It strikes me that I'd want notice (or the option to get notice) before submitting rare certs to the database... say a dialog like: We're about to submit